@@ -35,7 +35,9 @@ struct PackageVersionChecksumTOFU {
3535 self . versionMetadataProvider = versionMetadataProvider
3636 }
3737
38- func validate(
38+ // MARK: - source archive
39+
40+ func validateSourceArchive(
3941 registry: Registry ,
4042 package : PackageIdentity . RegistryIdentity ,
4143 version: Version ,
@@ -62,7 +64,7 @@ struct PackageVersionChecksumTOFU {
6264 case . warn:
6365 observabilityScope
6466 . emit (
65- warning: " The checksum \( checksum) does not match previously recorded value \( expectedChecksum) "
67+ warning: " the checksum \( checksum) for source archive of \( package ) \( version ) does not match previously recorded value \( expectedChecksum) "
6668 )
6769 }
6870 }
@@ -84,6 +86,7 @@ struct PackageVersionChecksumTOFU {
8486 self . readFromStorage (
8587 package : package ,
8688 version: version,
89+ contentType: . sourceCode,
8790 observabilityScope: observabilityScope,
8891 callbackQueue: callbackQueue
8992 ) { result in
@@ -113,6 +116,7 @@ struct PackageVersionChecksumTOFU {
113116 package : package ,
114117 version: version,
115118 checksum: checksum,
119+ contentType: . sourceCode,
116120 observabilityScope: observabilityScope,
117121 callbackQueue: callbackQueue
118122 ) { writeResult in
@@ -130,9 +134,69 @@ struct PackageVersionChecksumTOFU {
130134 }
131135 }
132136
137+ // MARK: - manifests
138+
139+ func validateManifest(
140+ registry: Registry ,
141+ package : PackageIdentity . RegistryIdentity ,
142+ version: Version ,
143+ toolsVersion: ToolsVersion ? ,
144+ checksum: String ,
145+ timeout: DispatchTimeInterval ? ,
146+ observabilityScope: ObservabilityScope ,
147+ callbackQueue: DispatchQueue ,
148+ completion: @escaping ( Result < Void , Error > ) -> Void
149+ ) {
150+ let contentType = Fingerprint . ContentType. manifest ( toolsVersion)
151+
152+ self . readFromStorage (
153+ package : package ,
154+ version: version,
155+ contentType: . manifest( toolsVersion) ,
156+ observabilityScope: observabilityScope,
157+ callbackQueue: callbackQueue
158+ ) { result in
159+ switch result {
160+ case . success( . some( let expectedChecksum) ) :
161+ // Previously recorded checksum
162+ do {
163+ if checksum != expectedChecksum {
164+ switch self . fingerprintCheckingMode {
165+ case . strict:
166+ throw RegistryError . invalidChecksum ( expected: expectedChecksum, actual: checksum)
167+ case . warn:
168+ observabilityScope
169+ . emit (
170+ warning: " the checksum \( checksum) for \( contentType) of \( package ) \( version) does not match previously recorded value \( expectedChecksum) "
171+ )
172+ }
173+ }
174+ completion ( . success( ( ) ) )
175+ } catch {
176+ completion ( . failure( error) )
177+ }
178+ default :
179+ self . writeToStorage (
180+ registry: registry,
181+ package : package ,
182+ version: version,
183+ checksum: checksum,
184+ contentType: . manifest( toolsVersion) ,
185+ observabilityScope: observabilityScope,
186+ callbackQueue: callbackQueue
187+ ) { writeResult in
188+ completion ( writeResult. tryMap { _ in ( ) } )
189+ }
190+ }
191+ }
192+ }
193+
194+ // MARK: - storage helpers
195+
133196 private func readFromStorage(
134197 package : PackageIdentity . RegistryIdentity ,
135198 version: Version ,
199+ contentType: Fingerprint . ContentType ,
136200 observabilityScope: ObservabilityScope ,
137201 callbackQueue: DispatchQueue ,
138202 completion: @escaping ( Result < String ? , Error > ) -> Void
@@ -145,6 +209,7 @@ struct PackageVersionChecksumTOFU {
145209 package : package . underlying,
146210 version: version,
147211 kind: . registry,
212+ contentType: contentType,
148213 observabilityScope: observabilityScope,
149214 callbackQueue: callbackQueue
150215 ) { result in
@@ -155,7 +220,9 @@ struct PackageVersionChecksumTOFU {
155220 completion ( . success( nil ) )
156221 case . failure( let error) :
157222 observabilityScope
158- . emit ( error: " Failed to get registry fingerprint for \( package ) \( version) from storage: \( error) " )
223+ . emit (
224+ error: " failed to get registry fingerprint for \( contentType) of \( package ) \( version) from storage: \( error) "
225+ )
159226 completion ( . failure( error) )
160227 }
161228 }
@@ -166,6 +233,7 @@ struct PackageVersionChecksumTOFU {
166233 package : PackageIdentity . RegistryIdentity ,
167234 version: Version ,
168235 checksum: String ,
236+ contentType: Fingerprint . ContentType ,
169237 observabilityScope: ObservabilityScope ,
170238 callbackQueue: DispatchQueue ,
171239 completion: @escaping ( Result < Void , Error > ) -> Void
@@ -174,10 +242,11 @@ struct PackageVersionChecksumTOFU {
174242 return completion ( . success( ( ) ) )
175243 }
176244
245+ let fingerprint = Fingerprint ( origin: . registry( registry. url) , value: checksum, contentType: contentType)
177246 fingerprintStorage. put (
178247 package : package . underlying,
179248 version: version,
180- fingerprint: . init ( origin : . registry ( registry . url ) , value : checksum ) ,
249+ fingerprint: fingerprint ,
181250 observabilityScope: observabilityScope,
182251 callbackQueue: callbackQueue
183252 ) { result in
@@ -191,7 +260,7 @@ struct PackageVersionChecksumTOFU {
191260 case . warn:
192261 observabilityScope
193262 . emit (
194- warning: " The checksum \( checksum) from \( registry. url. absoluteString) does not match previously recorded value \( existing. value) from \( String ( describing: existing. origin. url? . absoluteString) ) "
263+ warning: " the checksum \( checksum) for \( contentType ) of \( package ) \( version ) from \( registry. url. absoluteString) does not match previously recorded value \( existing. value) from \( String ( describing: existing. origin. url? . absoluteString) ) "
195264 )
196265 completion ( . success( ( ) ) )
197266 }
0 commit comments